Skip to content

ci(release): Switch from action-prepare-release to Craft #831

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
BYK wants to merge 13 commits into
base: main
Choose a base branch
from
Open

ci(release): Switch from action-prepare-release to Craft #831

BYK wants to merge 13 commits into from

Conversation

@BYK
Copy link
Member

@BYK BYK commented Jan 9, 2026

Summary

This PR migrates from the deprecated action-prepare-release to the new Craft GitHub Actions.

Changes

  • Migrated .github/workflows/release.yml to Craft reusable workflow

Documentation

See https://getsentry.github.io/craft/github-actions/ for more information.

@BYK
ci(release): Switch from action-prepare-release to Craft
a25a115 
This PR migrates from the deprecated action-prepare-release to the new
Craft GitHub Actions (reusable workflow or composite action).

Changes:
- Migrate .github/workflows/release.yml to Craft reusable workflow
@github-actions
Copy link

github-actions bot commented Jan 9, 2026
edited
Loading

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

Bug Fixes 🐛

  • (esbuild) Fix debug ID injection when moduleMetadata or applicationKey is set by logaretm in #828
  • (rollup) Prevent double-injection of debug ID by s1gr1d in #827
  • (vite) Skip code injection for HTML facade chunks by logaretm in #830

Build / dependencies / internal 🔧

  • (release) Switch from action-prepare-release to Craft by BYK in #831

🤖 This preview updates automatically when you update the PR.

BYK added 2 commits January 9, 2026 23:16
@BYK
ci(release): Restore GitHub App token authentication
3c04ee1 
The previous migration incorrectly removed the GitHub App token
authentication step. This commit restores it by switching to the
composite action pattern which preserves the auth flow.
@BYK
fix: Pin actions to SHA and add permissions blocks
850a068
sentry[bot]
sentry bot reviewed Jan 10, 2026
View reviewed changes
.github/workflows/release.yml Outdated
Comment on lines 34 to 40
uses: getsentry/craft@39ee616a6a58dc64797feecb145d66770492b66c # v2
env:
GITHUB_TOKEN: ${{ steps.token.outputs.token }}
with:
version: ${{ inputs.version }}
force: ${{ inputs.force }}
merge_target: ${{ inputs.merge_target }}

This comment was marked as outdated.

Sign in to view

sentry[bot]
sentry bot reviewed Jan 10, 2026
View reviewed changes
.github/workflows/release.yml Outdated
Comment on lines 34 to 39
uses: getsentry/craft@39ee616a6a58dc64797feecb145d66770492b66c # v2
env:
GITHUB_TOKEN: ${{ steps.token.outputs.token }}
with:
version: ${{ inputs.version }}
force: ${{ inputs.force }}
Copy link

@sentry sentry bot Jan 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: The release.yml workflow incorrectly calls getsentry/craft@v2 as a composite action within steps. It should be invoked as a reusable workflow at the job level.
Severity: CRITICAL

🔍 Detailed Analysis

The release.yml workflow attempts to call getsentry/craft@v2 from within a job's steps. However, version 2 of getsentry/craft provides reusable workflows, not composite actions. Reusable workflows must be invoked at the job level using jobs.<job-id>.uses:. This incorrect invocation pattern will cause the workflow to fail at runtime, blocking the release process. The changelog-preview.yml file in this same pull request demonstrates the correct job-level invocation pattern for a v2 workflow.

💡 Suggested Fix

Modify the release.yml workflow to call getsentry/craft as a reusable workflow. Instead of calling it within steps, define a job that uses getsentry/craft/.github/workflows/release.yml@v2 at the job level, similar to how changelog-preview.yml is structured.

🤖 Prompt for AI Agent 
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: .github/workflows/release.yml#L34-L39

Potential issue: The `release.yml` workflow attempts to call `getsentry/craft@v2` from
within a job's `steps`. However, version 2 of `getsentry/craft` provides reusable
workflows, not composite actions. Reusable workflows must be invoked at the job level
using `jobs.<job-id>.uses:`. This incorrect invocation pattern will cause the workflow
to fail at runtime, blocking the release process. The `changelog-preview.yml` file in
this same pull request demonstrates the correct job-level invocation pattern for a v2
workflow.

Did we get this right? 👍 / 👎 to inform future reviews.
Reference ID: 8427911

sentry[bot]
sentry bot reviewed Jan 12, 2026
View reviewed changes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@sentry sentry[bot] sentry[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@BYK